Perens also says of the same code that it was released under open source license by caldera and that's why linux had the right to have it.
Well, that's just meaninless obfuscation by Perens, the open source license used by Caldera clearly states that copyright and license notices must be kept, so whoever copied this code broke the license.
The code was also present in the 32V version of Unix, and if SGI copied from that, the lack of AT&T copyright notice would be explained by the fact that it was never there in the first place!
So you think that some SGI low level programming geek went looking for a copy of 32V when he had a copy of SVR4 on his desk in front of him?
The code is crap, and not needed in Linux. The person who copied it in did it without thinking.
I don't think the episode is important, but when people go to "oh, those lovely big companies have all sorts of lawyers and due dilligence conformance teams, they could never make a mistake" gushes I feel like vomiting.
By the way, the Linux specific locking calls happen to be exactly the same as the SVR4.2MP ones (bar the name change).
"Nothing can change the fact that a Linux developer on the payroll of Silicon Graphics stripped copyright attributions from copyrighted System V code..."
Nothing, except, inconveniently, that it is not a fact. The fact is that SGI did extensive due diligence before contributing any code to Linux, and the code in question long precedes the development of Unix System V.
If SGI did extensive due diligence then why did they strip the original copyright notice from this code?
The oldest version of this code we've found so far is in Donald Knuth's The Art of Computer Programming, published in 1968.
So the code can't have been legaly copied from there (it's copyright).
The implementation shown in the slides was written by Dennis M. Ritchie or Ken Thompson at AT&T, in 1973. You can see the 1973 version of the function in this file, originally called dmr/malloc.c. The code is from Unix version 3, the oldest known version of Unix that still exists in machine-readable form. The complete source for that system can be found here on the net. In 2002, Caldera released this code as Open Source,
under this license.
But the license pointed to says:
Redistributions of source code and documentation must retain the above copyright notice, this list of conditions and the
following disclaimer.
So the code can't have been legaly copied from there as the copyright notice has been removed.
And finaly Perens argues:
AT&T was actually found to have
lost its copyright to the code in question during the lawsuit, because the code was published without a proper copyright notice.
Consequently, I find that Plaintiff has failed to demonstrate a likelihood that it can successfully defend its copyright in [Unix version] 32V.
The result is that between the judge's finding and 1996, when there were additional changes to the Berne copyright convention that would have made the AT&T code copyrightable, the code was essentially in the public domain.
But, so what? That's talking about Unix 32V, and Perens goes on to say:
the version that was included in Linux seems to be from System V.
Which has never been released under any kind of open source license or been put in the public domain.
So, yes, SGI could have copied the 32V code, but they didn't.
Or they could have copied the Unix Version 3 code, if they'd included the copyright and license notices, but they didn't.
But they had no right to copy the System V code at all.
Perens is right:
In this case, there was an error in the Linux developer's process (at SGI),
but this is just wrong:
It turns out that we have a legal right to use the code in question
as even Perens admits the code was copied from SysV.
Perens wrongly claimed "It turns out that we have a legal right to use the code in question" because it has only ever been released under the BSD license, which requires that the original copyright and license notice be kept, and the SGI cretin that copied it in ripped out the copyright notice.
The code was stolen, by some idiot at SGI, but it's no longer present, and how on earth TSG think they can sue IBM for the actions of SGI is beyond me.
"sales tax" is paid only at retail. VAT is paid on every transaction, but everyone who sells gets to keep the VAT that they pay out.
For example, I sell a you a PC. I have to charge you the price + VAT (and, unlike (most states in?) the US, I have to tell you the price + VAT)). I had to pay all my components at their price + VAT. I subtract the VAT I pay from the VAT I get and give the difference to the government.
Where it gets interesting is that if the guy who bought the PC uses it in a business that bills people (and so has to add VAT on what he bills) he can deduct the VAT he paid for my PC from the TVA he pays the government.
A nearly uncheatable tax. So, of course, enormous effort is put into cheating VAT.
The *real* problem with this proposal is that there's the underlying assumption that a CA can't go rogue because it will hurt business. There's only one problem with that:
So, if I have a problem, I know who your ISP is (I got his cert), he knows who your MTA is (he got its cert, or otherwise identified you), and you know who you are. (you do, don't you?)
Your ISP shouldn't accept mail from you (or your system) if he doesn't know who you are.
So you spam me. I complain to you, if you don't fix it I can complain to your MTA, if he doesn't fix it I can blacklist him.
but have you any reference to some document saying it is now expected that the From: header of a message should represent the sender's mailbox on the system the message was sent from?
I have no RFC for that, and in fact I think it's not necessary. What's necessary is that the MSA (i.e. the first MTA that gets the message) knows who the sender is, and knows that the From: address is (one of) the address of the sender.
AMTP seems to give a reliable method of tracking a message back to the sender, or back to the first badly behaving MTA. If that MTA won't fix the problem it'll get blacklisted.
I doubt it's the end of the war against spam, but it might be the beginning of the end. Oh my God I've gone bald!
So it would be interesting if implemented with legislation rather than without;
Why are slashdot readers such a bunch of statist pansies?
No, you don't need the law. If a MTA sends mis-identified mail then you complain. If it doesn't fix the problem you complain to the CA. If the CA doesn't revoke the certificate you blacklist the certificate, or even the whole CA if you're bloody minded.
The point is that the certificates cost money, so the spammer has to spend to send. A certificate blacklist would be a lot cleaner than the current IP address blacklists.
Many people send out mail with a "From:" address quite independent of the network originating the message; I do myself.
And the MSA (not MTA) that accepts the message with the forged From: address is broken and should be fixed or blacklisted.
Sorry, the days of trust and friendliness are over.
(I send almost all my mail from a network that has nothing to do with my From: address, but I send it via a MSA that checks my From: address. In a AMTP system the senders *MUST* be authentificated by their MSA. I'm not sure the RFC says this.)
As if a spammer's mail will be marked "commercial".
So, I get a com/optout message marked as per/individualy. I complain to the sender. If this continues I ask the senders CA to revoke the certificate. If they refuse I stop trusting that CA.
The whole point is that it DOES involve the Evil
Bit, aka com/optout, but that it includes a mechanism for detecting people who don't set the Evil Bit when they should have.
The only problem is that you have to trust the CA's to revoke certificates from people who misuse the system. Trust Verisign? Hah!.
NASA wants the thing to carry 7 people, instead of three.
Why? To economise on funeral costs? Yes, 7 burials for the price of 3, that's a smart cost saving measure.
What NASA wants should be the least important consideration. NASA wants a space plane 'cos it's the dream of all those pilots playing at astronauts they're stuck with.
grahamlee writes "It may be a case of 'do as we say, not as we do' over at the Santa Cruz Operation. The Netcraft statistics meter says that for the last year, SCO's web site has been served by Apache on Linux. Indeed, it's been more than a year since the site was ever served from a SCO Unix machine. So what is the possible reason for this? Your humble author suggests that SCO found themselves requiring a multithreaded web server, and as SCO UNIX is based on an ancient version of The UNIX spec it just couldn't cope;-)."
All you have to do is remember that The SCO Group is not SCO.
So SCO used to run their webserver on UnixWare, and Caldera ran theirs on Caldera linux.
What you see now at www.sco.com is the Caldera website. The SCO group probably don't have enough people who know how to set up a UnixWare system.
By the way, UnixWare has Posix threads, since 7 or 7.1 (can't remember offhand).
A CD is just an integer number. As is a DVD, or indeed any digitised information.
Well, that's just meaninless obfuscation by Perens, the open source license used by Caldera clearly states that copyright and license notices must be kept, so whoever copied this code broke the license.
The code is crap, and not needed in Linux. The person who copied it in did it without thinking.
I don't think the episode is important, but when people go to "oh, those lovely big companies have all sorts of lawyers and due dilligence conformance teams, they could never make a mistake" gushes I feel like vomiting.
By the way, the Linux specific locking calls happen to be exactly the same as the SVR4.2MP ones (bar the name change).
Quotes from Perens:
So the code can't have been legaly copied from there (it's copyright). But the license pointed to says: So the code can't have been legaly copied from there as the copyright notice has been removed.And finaly Perens argues:
But, so what? That's talking about Unix 32V, and Perens goes on to say: Which has never been released under any kind of open source license or been put in the public domain.So, yes, SGI could have copied the 32V code, but they didn't.
Or they could have copied the Unix Version 3 code, if they'd included the copyright and license notices, but they didn't.
But they had no right to copy the System V code at all.
Perens is right:
but this is just wrong: as even Perens admits the code was copied from SysV.Perens wrongly claimed "It turns out that we have a legal right to use the code in question" because it has only ever been released under the BSD license, which requires that the original copyright and license notice be kept, and the SGI cretin that copied it in ripped out the copyright notice.
The code was stolen, by some idiot at SGI, but it's no longer present, and how on earth TSG think they can sue IBM for the actions of SGI is beyond me.
Got it in one.
The trick is to always find a business reason for the things you buy.
You hardy Americans are all self employed aren't you?
Off to watch a a DVD on my wide screen TV, for research purposes don't you know.
Well, no.
"sales tax" is paid only at retail. VAT is paid on every transaction, but everyone who sells gets to keep the VAT that they pay out.
For example, I sell a you a PC. I have to charge you the price + VAT (and, unlike (most states in?) the US, I have to tell you the price + VAT)). I had to pay all my components at their price + VAT. I subtract the VAT I pay from the VAT I get and give the difference to the government.
Where it gets interesting is that if the guy who bought the PC uses it in a business that bills people (and so has to add VAT on what he bills) he can deduct the VAT he paid for my PC from the TVA he pays the government.
A nearly uncheatable tax. So, of course, enormous effort is put into cheating VAT.
MOD PARENT +99 FUNNY NOW!
If I had mod points...
Boy, I've trod in bulshit and I can tell you that isn't it.
Yup, and who is the biggest CA?
Verisign.
Very trustworthy.
So, if I have a problem, I know who your ISP is (I got his cert), he knows who your MTA is (he got its cert, or otherwise identified you), and you know who you are. (you do, don't you?)
:-)
Your ISP shouldn't accept mail from you (or your system) if he doesn't know who you are.
So you spam me. I complain to you, if you don't fix it I can complain to your MTA, if he doesn't fix it I can blacklist him.
The system might work if certs are not cheap
(the hint in the knifepoint trick is the placename, or, for the rot-13 enabled:
Zntan Pnegn, fvtarq ba gur svryqf bs Ehaalzrqr
I have no RFC for that, and in fact I think it's not necessary. What's necessary is that the MSA (i.e. the first MTA that gets the message) knows who the sender is, and knows that the From: address is (one of) the address of the sender.
AMTP seems to give a reliable method of tracking a message back to the sender, or back to the first badly behaving MTA. If that MTA won't fix the problem it'll get blacklisted.
I doubt it's the end of the war against spam, but it might be the beginning of the end. Oh my God I've gone bald!
So someone can come from Florida, chuck a brick through your window and nick your VCR and the police will do nothing?
Sounds reasonable, it's about what they'd do if a guy from Runnymede held you up at knifepoint and asked you to sign over all your propery.
Maybe the aforsaid knifepoint trick would work? It's been used in the past to some advantage.
One doesn't sue for illegal activity, one calls the police. If the police do nothing complain to your nearest politician.
Why are slashdot readers such a bunch of statist pansies?
No, you don't need the law. If a MTA sends mis-identified mail then you complain. If it doesn't fix the problem you complain to the CA. If the CA doesn't revoke the certificate you blacklist the certificate, or even the whole CA if you're bloody minded.
The point is that the certificates cost money, so the spammer has to spend to send. A certificate blacklist would be a lot cleaner than the current IP address blacklists.
Also a CA blacklist would be a WMD!
And the MSA (not MTA) that accepts the message with the forged From: address is broken and should be fixed or blacklisted.
Sorry, the days of trust and friendliness are over.
(I send almost all my mail from a network that has nothing to do with my From: address, but I send it via a MSA that checks my From: address. In a AMTP system the senders *MUST* be authentificated by their MSA. I'm not sure the RFC says this.)
So, I get a com/optout message marked as per/individualy. I complain to the sender. If this continues I ask the senders CA to revoke the certificate. If they refuse I stop trusting that CA.
The Usenet death penalty applied to mail.
Why does slashdot not let me put &EUR;?
The whole point is that it DOES involve the Evil Bit, aka com/optout, but that it includes a mechanism for detecting people who don't set the Evil Bit when they should have.
The only problem is that you have to trust the CA's to revoke certificates from people who misuse the system. Trust Verisign? Hah!.
What NASA wants should be the least important consideration. NASA wants a space plane 'cos it's the dream of all those pilots playing at astronauts they're stuck with.
Real spacecraft don't have wings.
Walk, you insensitive clod.
Ride a motorbike up Mount Washington, hah, why not just clear cut the trees, quarry the granite, and build a Wal Mart where it used to be?
So SCO used to run their webserver on UnixWare, and Caldera ran theirs on Caldera linux.
What you see now at www.sco.com is the Caldera website. The SCO group probably don't have enough people who know how to set up a UnixWare system.
By the way, UnixWare has Posix threads, since 7 or 7.1 (can't remember offhand).
Ah well, yet more proof that usenet is still more intelligent than slashdot.
Why the fuck not? His stupidity, blacklisting the whole world, has just made all offsite blacklists useless.